V723. Function returns a pointer to the internal string buffer of a local object, which will be destroyed.

The analyzer has detected an issue when a function returns a pointer to the internal string buffer of a local object. This object will be automatically destroyed together with its buffer after leaving the function, so you won't be able to use the pointer to it.

The most common and simple code example triggering this message looks like this:

const char* Foo()
{
  std::string str = "local";
  return str.c_str();
}

In this code, the Foo() function returns a C-string stored in the internal buffer of the str object which will be automatically destroyed. As a result, we'll get an incorrect pointer that will cause undefined behavior when we try to use it. The fixed code should look as follows:

const char* Foo()
{
  static std::string str = "static";
  return str.c_str();
}

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-416.


Bugs Found

Checked Projects
410
Collected Errors
14 111
This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site. Learn More →
Accept